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Introduction 


The Information Commissioner is seeking feedback on her draft code of 
practice Age appropriate design - a code of practice for online services 
likely to be accessed by children (the code). 


The code will provide guidance on the design standards that the 
Commissioner will expect providers of online ‘Information Society 
Services’ (ISS), which process personal data and are likely to be accessed 
by children, to meet. 


The code is now out for public consultation and will remain open until 31 
May 2019. The Information Commissioner welcomes feedback on the 
specific questions set out below. 


Please send us your comments by 31 May 2019. 


Download this document and email to: 


ageappropriatedesign@ico.org.uk 


Print off this document and post to: 
Age Appropriate Design code consultation 
Policy Engagement Department 
Information Commissioner’s Office 
Wycliffe House 

Water Lane 

Wilmslow 

Cheshire SK9 5AF 


If you would like further information on the consultation please 
telephone 0303 123 1113 and ask to speak to the Policy 
Engagement Department about the Age Appropriate Design code or 


email_ageappropriatedesign@ico.org.uk 


Privacy statement 


For this consultation, we will publish all responses except for those where 
the respondent indicates that they are an individual acting in a private 
capacity (e.g. a member of the public or a parent). All responses from 
organisations and individuals responding in a professional capacity (e.g. 
academics, child development experts, sole traders, child minders, 
education professionals) will be published. We will remove email 
addresses and telephone numbers from these responses but apart from 
this, we will publish them in full. 


For more information about what we do with personal data, please see 
our privacy notice. 


Section 1: Your views 


Q1. Is the ‘About this code’ section of the code clearly communicated? 


Yes 
If NO, then please provide your reasons for this view. 


Q2. Is the ‘Services covered by this code’ section of the code clearly 
communicated? 


No 

The section on types of online services not covered by the code could 
be clarified further in relation to websites using third party cookies. 
While the website itself might not allow customers to buy products 
online or access a specific online service, it still might gather 
information about user engagement with the content and share this 
with third parties for commercial purposes. 


Standards of age-appropriate design 


Please provide your views on the sections of the code covering each of 
the 16 draft standards 


1. Best interests of the child: The best interests of the child should be 
a primary consideration when you design and develop online services 
likely to be accessed by a child. 


2. Age-appropriate application: Consider the age range of your 
audience and the needs of children of different ages. Apply the standards 
in this code to all users, unless you have robust age-verification 
mechanisms to distinguish adults from children. 


3. Transparency: The privacy information you provide to users, and 
other published terms, policies and community standards, must be 
concise, prominent and in clear language suited to the age of the child. 
Provide additional specific ‘bite-sized’ explanations about how you use 
personal data at the point that use is activated. 


4. Detrimental use of data: Do not use children’s personal data in ways 
that have been shown to be detrimental to their wellbeing, or that go 
against industry codes of practice, other regulatory provisions or 
Government advice. 


5. Policies and community standards: Uphold your own published 
terms, policies and community standards (including but not limited to 
privacy policies, age restriction, behaviour rules and content policies). 


6. Default settings: Settings must be ‘high privacy’ by default (unless 
you can demonstrate a compelling reason for a different default setting, 
taking account of the best interests of the child). 


7. Data minimisation: Collect and retain only the minimum amount of 

personal data necessary to provide the elements of your service in which 
a child is actively and knowingly engaged. Give children separate choices 
over which elements they wish to activate. 


8. Data sharing: Do not disclose children’s data unless you can 
demonstrate a compelling reason to do so, taking account of the best 
interests of the child. 


9. Geolocation: Switch geolocation options off by default (unless you can 
demonstrate a compelling reason for geolocation, taking account of the 


best interests of the child), and provide an obvious sign for children when 
location tracking is active. Options which make a child’s location visible to 
others must default back to off at the end of each session. 


10. Parental controls: If you provide parental controls give the child 
age appropriate information about this. If your online service allows a 
parent or carer to monitor their child’s online activity or track their 
location, provide an obvious sign to the child when they are being 
monitored. 


11. Profiling: Switch options based on profiling off by default (unless you 
can demonstrate a compelling reason for profiling, taking account of the 
best interests of the child). Only allow profiling if you have appropriate 
measures in place to protect the child from any harmful effects (in 
particular, being fed content that is detrimental to their health or 
wellbeing). 


12. Nudge techniques: Do not use nudge techniques to lead or 
encourage children to provide unnecessary personal data, weaken or turn 
off privacy protections, or extend use. 


13. Connected toys and devices: If you provide a connected toy or 
device ensure you include effective tools to enable compliance with this 
code 


14. Online tools: Provide prominent and accessible tools to help children 
exercise their data protection rights and report concerns. 


15. Data protection impact assessments: Undertake a DPIA 
specifically to assess and mitigate risks to children who are likely to 
access your service, taking into account differing ages, capacities and 
development needs. Ensure that your DPIA builds in compliance with this 
code. 


16. Governance and accountability: Ensure you have policies and 
procedures in place which demonstrate how you comply with data 
protection obligations, including data protection training for all staff 
involved in the design and development of online services likely to be 
accessed by children. Ensure that your policies, procedures and terms of 
service demonstrate compliance with the provisions of this code 


Q3. Have we communicated our expectations for this standard clearly? 
1. Best interests of the child 


No 


1) Our research found that companies’ claims that certain features 
are in place to afford the ‘best customer experience’ can be 
confusing to children. Children often understand such messages to 
mean that this is in their best interest and to their benefit, agreeing 
to enable features which, otherwise, they might not enable. This 
needs to be rectified by the code of practice making sure that ‘best 
customer experience’ is not understood as ‘the best interest of the 
child’ by young users. In addition, companies also need to be made 
aware that these are different. 


2) The code also should specify more clearly that unintended harm 
is included, for example in relation to user-generated harmful 
content. 


2. Age-appropriate application 
No 


1) Reflecting the difficulty of establishing the real age of all users, the 
code needs to provide more guidance in relation to the age-verification 
process, for example setting out criteria/ standards for robust age- 
verification. 


2) The code needs to specify more clearly that setting a minimum age 
requirement for a service and self-select age are not sufficient measures 
to comply with the code. 


3) The disadvantages of grouping all non-adults under one category - 
even though the code discusses child development, in practice the age 
verification requirement might lead to grouping all children under one 
category with high protection features/ limited access. This will not allow 
children to learn the digital skills they would need later on and to get 
gradual exposure to an environment with lower protections, building 
competence and resilience. The code should aim to encourage age- 
appropriate design more clearly in a way that supports child 
development, rather than limiting it. 


3. Transparency 
No 


It is important that transparency happens at all stages of the user 
journey: 

1) Before signing up to the service the user needs to know what might 
be included - for example, what data is gathered and how it is used, with 
whom the data is shared, and for how long it is kept (during service use 
and after the account is deleted); 


2) During use: clear how to change settings/options and what each 
means; 


3) When the service is no longer used: how is data going to be 
used/kept and for how long. 


4) Finally, our data shows that not only children find terms and 
conditions difficult to understand, but they are additionally confused by 
the different standards the services use. The code can state clearly that it 
encourages Clarity and consistency within the sector. 

4. Detrimental use of data 


No 


The code could expand the guidance on avoiding unexpected future 
detrimental use in several ways: 


1) By encouraging companies to keep user data for shorter periods, 
especially data that has already been deleted or discarded by the 
user (e.g. deleted within app content, dormant or deleted accounts) 


2) Encouraging minimum data distribution within and between 
companies to minimise the risk of security breaches 


3) Limit the distribution of data to 3rd parties only with the 
requirement that the company which shares data needs to ensure 
that there will be no detrimental use of data by any of the 3rd party 
companies. Make it illegal of 3rd party companies to share user 
data further as it is virtually impossible for the user to know where 
their data is going and, therefore, to consent. 


5. Policies and community standards 
YES/NO. 


If NO, then please provide your reasons for this view. 


6. Default settings 
No 


There are a couple of points where the code can be clarified: 

1) You should not ‘make your users’ personal data visible to indefinite 
numbers of other users’— this is unclear. Does it relate to ‘public profiles’ 
only? 

2) What can be seen as a ‘compelling reason’ for different default 
settings — perhaps some examples of what is not a compelling reason 
would be helpful. 

7. Data minimisation 

No 


More guidance can be given in relation to: 

1) Deletion of data: request companies to set automatic deletion of all 
data deleted data by the user. This should involve automatic retraction of 
data from 3rd parties in cases of deleted or dormant accounts. 


2) Visualisation of the opt in and out options: both options should be 
available at the same time and with equal visualisation). General 
messages that this would affect the functioning of the service should not 
be acceptable as they are confusing to children. If such message is 
displayed, it needs to state clearly what part of the service will work and 
what won't. 


3) No data to be gathered if not part of the service: needs to state more 
clearly that such data cannot be requested from the child user at any 
point (e.g. location data to be collected by apps which do not provide 
location-based service). 

8. Data sharing 

No 


1) Anonymised data: only anonymised data should be shared with 
third parties. 

2) Sharing data beyond third parties: third parties should not be able 
to share personal data (unless for child protection). 

9. Geolocation 

No 


This could include a requirement that the company should not make 
users’ location data visible to indefinite numbers of other users. 

10. Parental controls 

Yes 


If NO, then please provide your reasons for this view. 


11. Profiling 
Yes 


If NO, then please provide your reasons for this view. 


12. Nudge techniques 
No 


There is a wide range of nudge techniques and some can be disguised as 
good customer service/ communication (e.g. notifications and reminders). 
The code can be more elaborate and specific in its description of nudge 
techniques. 

13. Connected toys and devices 

Yes 


If NO, then please provide your reasons for this view. 
14. Online tools 
No 


Children often complain that they do not see any response from the 
companies. This section needs to include a requirement that companies: 
1) prioritise requests submitted by a child and 2) contact the child to 
report the outcome 

15. Data protection impact assessments 

Yes 


If NO, then please provide your reasons for this view. 
16. Governance and accountability 


Yes 


If NO, then please provide your reasons for this view. 


Q4. Do you have any examples that you think could be used to illustrate 
the approach we are advocating for this standard? 


1. Best interests of the child 
YES/NO. 
If YES, then please provide details. 


2. Age-appropriate application 
YES/NO. 


If YES, then please provide details. 
3. Transparency 


Yes 


Snapchat: access your Snapchat data (https://support.snapchat.com/en- 
US/article/access-my-datal1); privacy explained 
(https://support.snapchat.com/en-US/article/snapchat-privacy- 
explained), when are snaps and chats deleted 
(https://support.snapchat.com/en-US/article/when-are-snaps-chats- 
deleted) 


Facebook: access and download your data 
(https://www.facebook.com/help/1701730696756992/?helpref=hc_fnav)- 
the idea is good but not child firnedly 


Twitter: What location information is attached to my Tweets? 
(https://help.twitter.com/en/safety-and-security/tweet-location-settings) 
Sharing your data with other companies 
(https://help.twitter.com/en/safety-and-security/data-through- 
partnerships) 


Ask.fm: what happens to my data when I deactivate my account? 
(https://support.ask.fm/hc/en-us/articles/115008832048-What-happens- 
to-my-questions-when-I-deactivate-my-account-) 

4. Detrimental use of data 


YES/NO. 
If YES, then please provide details. 


5. Policies and community standards 
YES/NO. 


If YES, then please provide details. 
6. Default settings: 
YES/NO. 


If YES, then please provide details. 
7. Data minimisation 
YES/NO. 


Twitter: change personalisation and data gathering: 
https://help.twitter.com/en/personalization-data-settings 
8. Data sharing 

Yes 


Spotify - a good example of clarity about data sharing: 
https://www.spotify.com/uk/legal/cookies-vendor-list/ 
9. Geolocation 


YES/NO. 


If YES, then please provide details. 
10. Parental controls 
YES/NO. 


If YES, then please provide details. 
11. Profiling 
YES/NO. 


If YES, then please provide details. 
12. Nudge techniques 
YES/NO. 


If YES, then please provide details. 


13. Connected toys and devices 
YES/NO. 


If YES, then please provide details. 


14. Online tools 
YES/NO. 


If YES, then please provide details. 


15. Data protection impact assessments 
YES/NO. 


If YES, then please provide details. 
16. Governance and accountability 


YES/NO. 


If YES, then please provide details. 


Q5. Do you think this standard gives rise to any unwarranted or 
unintended consequences? 


1. Best interests of the child 


No 


2. Age-appropriate application 


Yes 


Children might be grouped in one category with high privacy protection, 
preventing their gradual development of digital skills and awareness of 
risks, making them face suddenly a very different environment when they 
reach adulthood. The new requirements might also prompt some 
companies to raise the minimum age restrictions to 18 years of age, 
leading to the exclusion of many children who would benefit a child- 
friendly version of the service. 

3. Transparency 
No 


4. Detrimental use of data 


No 
If YES, then please provide your reasons for this view. 


5. Policies and community standards 
No 


If YES, then please provide your reasons for this view. 
6. Default settings 
No 


If YES, then please provide your reasons for this view. 
7. Data minimisation 
No 


If YES, then please provide your reasons for this view. 
8. Data sharing 
No 


If YES, then please provide your reasons for this view. 
9. Geolocation 
No 


If YES, then please provide your reasons for this view. 
10. Parental controls 
Yes 


A lot of efforts would be needed to ensure that parental controls do not 
impede children’s rights to independence and agency. This might also 
put additonal pressure on parents and some of them might not have the 
digital skills required to handle these contrils, the time or awareness why 
their involvement might be important. 

11. Profiling 


No 


12. Nudge techniques 
No 


13. Connected toys and devices 
No 


If YES, then please provide your reasons for this view. 
14. Online tools 
No 


If YES, then please provide your reasons for this view. 
15. Data protection impact assessments 
No 


If YES, then please provide your reasons for this view. 
16. Governance and accountability 


No 


If YES, then please provide your reasons for this view. 


Q6. Do you envisage any feasibility challenges to online services 
delivering this standard? 


1. Best interests of the child 
Yes 


There is a potential danger of businesses interpreting that best interests 
of the child as similar to best customer experience. 


2. Age-appropriate application 
Yes 


Establishing what is an age-appropriate design can be difficult as 
differences within (as well as across) age groups can be substantial. 
Policy must pay special attention to those who may be of greater 
vulnerability, such as indigenous or ethnic minority children, migrants, 
children in poor or rural settings or those who have some form of 
disability. 


Due to the nature of the existing research, it is difficult to provide 
robust evidence to support strictly identified age brackets and to cover 
the full age spectrum under 18 years. 


Finally, age verification itself is a very challenging process. 
3. Transparency 
Yes 


Children are often misguided by the marketing language used by 
companies and trust them when they say that something in for 
children’s own benefit, services might not work properly without 
enabling certain functionality, or that the company prioritises customer 
privacy. The language used might make a transparent message hard to 
understand for a child. 

4. Detrimental use of data 


No 


If YES, then please provide details of what you think the challenges are 
and how you think they could be overcome. 


5. Policies and community standards 
No 


If YES, then please provide details of what you think the challenges are 
and how you think they could be overcome. 

6. Default settings 

No 


If YES, then please provide details of what you think the challenges are 
and how you think they could be overcome. 

7. Data minimisation 

No 


If YES, then please provide details of what you think the challenges are 
and how you think they could be overcome. 

8. Data sharing 

No 


If YES, then please provide details of what you think the challenges are 
and how you think they could be overcome. 

9. Geolocation 

No 


If YES, then please provide details of what you think the challenges are 
and how you think they could be overcome. 
10. Parental controls 


Yes 


Children without parents or with paretns who have less skills or time to 
engage with them oul dbe at a disadvantage. 


11. Profiling 
Yes 


It is hard to establish how profiling leads to bias, inequalities and 
exclusion and prevent this. 

12. Nudge techniques 

Yes 


Nudge techniques can be disguised as good customer service/ 
communication (e.g. notifications and reminders) and it is hard to prove 
their harmful/ addictive nature. 

13. Connected toys and devices 
YES/NO. 


If YES, then please provide details of what you think the challenges are 
and how you think they could be overcome. 

14. Online tools 

YES/NO. 


If YES, then please provide details of what you think the challenges are 
and how you think they could be overcome. 

15. Data protection impact assessments 

YES/NO. 


If YES, then please provide details of what you think the challenges are 
and how you think they could be overcome. 
16. Governance and accountability 


YES/NO. 
If YES, then please provide details of what you think the challenges are 
and how you think they could be overcome. 


Q7. Do you think this standard requires a transition period of any longer 
than 3 months after the code come into force? 


1. Best interests of the child 


No 


If YES, then please provide your reasons for this view, and give an 
indication of what you think a reasonable transition period would be and 
why. 


2. Age-appropriate application 
No 


If YES, then please provide your reasons for this view, and give an 
indication of what you think a reasonable transition period would be and 
why. 

3. Transparency 

No 


If YES, then please provide your reasons for this view, and give an 
indication of what you think a reasonable transition period would be and 
why. 

4. Detrimental use of data 


No 


If YES, then please provide your reasons for this view, and give an 
indication of what you think a reasonable transition period would be and 
why. 


5. Policies and community standards 
No 


If YES, then please provide your reasons for this view, and give an 
indication of what you think a reasonable transition period would be and 
why. 

6. Default settings 

No 


If YES, then please provide your reasons for this view, and give an 
indication of what you think a reasonable transition period would be and 
why. 

7. Data minimisation 

No 


If YES, then please provide your reasons for this view, and give an 
indication of what you think a reasonable transition period would be and 
why. 


8. Data sharing 
No 


If YES, then please provide your reasons for this view, and give an 
indication of what you think a reasonable transition period would be and 
why. 


9. Geolocation 
No 


If YES, then please provide your reasons for this view, and give an 
indication of what you think a reasonable transition period would be and 
why. 

10. Parental controls 

Yes 


If YES, then please provide your reasons for this view, and give an 
indication of what you think a reasonable transition period would be and 
why. 

11. Profiling 

No 


If YES, then please provide your reasons for this view, and give an 
indication of what you think a reasonable transition period would be and 
why. 

12. Nudge techniques 

No 


If YES, then please provide your reasons for this view, and give an 
indication of what you think a reasonable transition period would be and 
why. 

13. Connected toys and devices 

No 


If YES, then please provide your reasons for this view, and give an 
indication of what you think a reasonable transition period would be and 
why. 

14. Online tools 

No 


If YES, then please provide your reasons for this view, and give an 
indication of what you think a reasonable transition period would be and 
why. 

15. Data protection impact assessments 


No 


If YES, then please provide your reasons for this view, and give an 
indication of what you think a reasonable transition period would be and 
why. 


16. Governance and accountability 
No 


If YES, then please provide your reasons for this view, and give an 
indication of what you think a reasonable transition period would be and 
why. 


Q8. Do you know of any online resources that you think could be usefully 
linked to from this section of the code? 


1. Best interests of the child 
No 
If YES, then please provide details (including links). 


2. Age-appropriate application 
No 


If YES, then please provide details (including links). 
3. Transparency 
No 


If YES, then please provide details (including links). 
4. Detrimental use of data 


No 
If YES, then please provide details (including links). 


5. Policies and community standards 
No 


If YES, then please provide details (including links). 
6. Default settings 


No 


If YES, then please provide details (including links). 
7. Data minimisation 
No 


If YES, then please provide details (including links). 
8. Data sharing 
No 


If YES, then please provide details (including links). 
9. Geolocation 
No 


If YES, then please provide details (including links). 
10. Parental controls 
No 


If YES, then please provide details (including links). 
11. Profiling 
No 


If YES, then please provide details (including links). 
12. Nudge techniques 
No 


If YES, then please provide details (including links). 
13. Connected toys and devices 
No 


If YES, then please provide details (including links). 
14. Online tools 
No 


If YES, then please provide details (including links). 
15. Data protection impact assessments 
No 


If YES, then please provide details (including links). 
16. Governance and accountability 


No 


If YES, then please provide details (including links). 


Q9. Is the ‘Enforcement of this code’ section clearly communicated? 
Yes 

If NO, then please provide your reasons for this view. 

Q10. Is the ‘Glossary’ section of the code clearly communicated? 


Yes 
If NO, then please provide your reasons for this view. 


Q11. Are there any key terms missing from the ‘Glossary’ section? 
Yes 


If YES, then please provide your reasons for this view. 


Q12. Is the ‘Annex A: Age and developmental stages’ section of the 
code clearly communicated? 


Yes 
If NO, then please provide your reasons for this view. 


Q13. Is there any information you think needs to be changed in the 
‘Annex A: Age and developmental stages’ section of the code? 


Yes 
If YES, then please provide your reasons for this view. 


Q14. Do you know of any online resources that you think could be 
usefully linked to from the ‘Annex A: Age and developmental 
stages’ section of the code? 


Yes 


If YES, then please provide details (including links). 


Q15. Is the ‘Annex B: Lawful basis for processing’ section of the 
code clearly communicated? 


Yes 
If NO, then please provide your reasons for this view. 


Q16. Is this ‘Annex C: Data Protection Impact Assessments’ 
section of the code clearly communicated? 


Yes 
If NO, then please provide your reasons for this view. 


Q17. Do you think any issues raised by the code would benefit from 
further (post publication) work, research or innovation? 


Yes 


If YES, then please provide details (including links). 


Section 2: About you 


Are you: 


A body representing the views or interests of children? 


Please specify: 


A body representing the views or interests of parents? 


Please specify: 


A child development expert? 


Please specify: 


An Academic? 
Please specify: 


Mariya Stoilova is a post-doctoral research officer at the London 
School of Economics and Political Science (LSE). 


Professor Sonia Livingstone, OBE is a full professor in the 
Department of Media and Communications at the London School 
of Economics and Political Science (LSE). 


This research is based on the ICO-funded project Children's data 
and Privacy Online (http://www.|se.ac.uk/media-and- 
communications/research/research-projects/childprivacyonline) 


Summary of early findings: 
https://blogs.lse.ac.uk/mediapolicyproject/2019/01/28/childrens- 
personal-privacy-online-its-neither-personal-nor-private/ 


About the research methodology: http://www.lse.ac.uk/media- 
and- 
communications/assets/documents/research/projects/childrens- 
privacy-online/Talking-to-children-about-data-and-privacy- 
online-methodology-final. pdf 


Review of the existing evidence: http://www.lse.ac.uk/media- 
and- 
communications/assets/documents/research/projects/childrens- 
privacy-online/Evidence-review. pdf 


Other relevant outputs from the project: 


Livingstone, Sonia (2018) Children: a special case for privacy? 
Intermedia, 46 (2). pp.18-23. 


An individual acting in another professional capacity? 


Please specify: 


A provider of an ISS likely to be accessed by children? 


Please specify: 


A trade association representing ISS providers? 


Please specify: 


An individual acting in a private capacity (e.g. someone providing 
their views as a member of the public of the public or a parent)? 


An ICO employee? 


Other? 


Please specify: 


Thank you for responding to this consultation. 


We value your input. 


